package com.bed.lovewithpatientbed.common.realm;

import com.bed.lovewithpatientbed.common.LoginSubjectType;
import com.bed.lovewithpatientbed.pojo.Role;
import com.bed.lovewithpatientbed.pojo.RolePermission;
import com.bed.lovewithpatientbed.pojo.WorkerMessage;
import com.bed.lovewithpatientbed.service.IPermissionService;
import com.bed.lovewithpatientbed.service.IWorkMessageService;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.CollectionUtils;
import org.springframework.util.ObjectUtils;

import java.util.List;

/**
 * @author xuxiaoding
 * @version 1.0.0
 * @ClassName SystemUserRealm.java
 * @Description 自定义 shiro Realm 用于认证和授权
 */
public class SystemUserRealm extends AuthorizingRealm {

    private final LoginSubjectType loginSubjectType = LoginSubjectType.SYSTEM_USER;

    private IWorkMessageService workMessageService;

    private IPermissionService permissionService;

    public LoginSubjectType getLoginSubjectType() {
        return loginSubjectType;
    }

    @Autowired
    public void setWorkMessageService(IWorkMessageService workMessageService) {
        this.workMessageService = workMessageService;
    }

    @Autowired
    public void setPermissionService(IPermissionService permissionService) {
        this.permissionService = permissionService;
    }

    /**
     * @title
     * @description 处理认证
     * @author xuxiaoding
     * @param
     * @return
     * @throws
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        if (authenticationToken == null) {
            return null;
        }

        // 获取需要授权的身份信息
        String principal = (String) authenticationToken.getPrincipal();
        if (principal == null || "".equals(principal)) {
            return null;
        }
        // 从数据库中查询该身份信息对应的 WorkerMessage
        WorkerMessage workerMessage = workMessageService.retrieveWorkMessageByPhone(principal);
        if (ObjectUtils.isEmpty(workerMessage)) {
            return null;
        }

        // 返回认证信息
        return new SimpleAuthenticationInfo(workerMessage,
                workerMessage.getWorkMessagePassword(), this.getName());
    }

    /**
     * @title
     * @description 处理授权
     * @author xuxiaoding
     * @param
     * @return
     * @throws
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("SystemUserRealm.doGetAuthorizationInfo++++++++++++++++++++++++++++++");
        // 获取身份信息
        WorkerMessage workerMessage = (WorkerMessage) principalCollection.getPrimaryPrincipal();
        // 查询Role
        Role role = workMessageService.getRoleByRoleId(workerMessage.getRoleId());
        if (!ObjectUtils.isEmpty(role)) {
            SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
            // 添加角色
            simpleAuthorizationInfo.addRole(role.getRoleName());
            // 查询 Role 对应权限
            List<RolePermission> rolePermissionList = permissionService.getRolePermissionByRoleId(workerMessage.getRoleId());
            if (!CollectionUtils.isEmpty(rolePermissionList)) {
                for (RolePermission rolePermission : rolePermissionList) {
                    simpleAuthorizationInfo.addStringPermission(rolePermission.getPermission().getPermissionName());
                }
            }

            return simpleAuthorizationInfo;
        }

        return null;
    }


}
